@@ -140,7 +140,7 @@ def poly_fetch_book(id, test_for_subclass=True):
140140 try :
141141 # This sink should have 2 sources, from `poly_save_base_book` and
142142 # `poly_save_physical_book`
143- SINK (book .title ) # $ MISSING: flow
143+ SINK (book .title ) # $ flow="SOURCE, l:-10 -> book.title"
144144 # The sink assertion will fail for the PolyEBook, which we handle. The title
145145 # attribute of a PolyBook could be tainted, so we want this to be a sink in general.
146146 except AssertionError :
@@ -153,11 +153,11 @@ def poly_fetch_book(id, test_for_subclass=True):
153153 assert isinstance (book , PolyPhysicalBook ) or isinstance (book , PolyEBook )
154154
155155 if isinstance (book , PolyPhysicalBook ):
156- SINK (book .title ) # $ MISSING: flow
156+ SINK (book .title ) # $ MISSING: flow="SOURCE, l:+11 -> book.title" SPURIOUS: flow="SOURCE, l:-23 -> book.title"
157157 SINK (book .physical_location ) # $ MISSING: flow
158158 SINK (book .same_name_different_value ) # $ MISSING: flow
159159 elif isinstance (book , PolyEBook ):
160- SINK_F (book .title )
160+ SINK_F (book .title ) # $ SPURIOUS: flow="SOURCE, l:-27 -> book.title"
161161 SINK_F (book .download_link )
162162 SINK_F (book .same_name_different_value )
163163
@@ -173,9 +173,9 @@ def poly_save_physical_book():
173173def poly_fetch_physical_book (id ):
174174 book = PolyPhysicalBook .objects .get (id = id )
175175
176- SINK (book .title ) # $ MISSING: flow
177- SINK (book .physical_location ) # $ MISSING: flow
178- SINK (book .same_name_different_value ) # $ MISSING: flow
176+ SINK (book .title ) # $ flow="SOURCE, l:-9 -> book.title"
177+ SINK (book .physical_location ) # $ flow="SOURCE, l:-9 -> book.physical_location"
178+ SINK (book .same_name_different_value ) # $ flow="SOURCE, l:-9 -> book.same_name_different_value"
179179
180180
181181def poly_save_ebook ():
0 commit comments